Friday, October 17, 2008

10/16 Meeting nmap

At this meeting Mark Lester gave a brief presentation on nmap and set up a challenge to help better understand when nmap is useful.
The challenge was to find the secret message on a network. Here is how the challenge was solved.
First, log in to the network with the account provided. From there you can use nmap to scan the rest of the network. Since one does not know how the network is laid out, one must first figure out the layout:

ifconfig

brings back all the network info for the machine you are on. From that you can tell that the network is a class C network on the IP range 192.168.1.0-255.

From there you need to find out which of these IPs are active, so this is where nmap comes in.
There are many ways to map out a network with nmap; I used

nmap -v -A -T5 192.168.1.0/24

From this you will get back a list of computers and the services that are running on them.
From there you look for interesting ports.
Looking through this list one can see that there is a port open on 192.168.1.110 that is 31415,
which are the first five digits of pi. This seems interesting, so I want to see what will happen if I make a connection to it. This is where netcat comes into play:
nc 192.168.1.110 31415

Eureka! The port responds with
my notes
Phoenix
user:secret
password: Ifoundthepassword

So this obviously looks like someone's notes for getting into an account. We know the credentials, and now we need to know which computer the credentials are good for. My bet would be a computer related to Phoenix somehow. Looking back at the nmap output we get another Eureka: Phoenix is the hostname of the computer at 192.168.1.117, so let's try sshing into it.

ssh secret@192.168.1.117

and we're in. Using a simple ls we see there is a message file labeled
Congratulation.message
and cat-ing that gets you the secret message.
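As an added example that is not part of the original write-up: the "look for interesting ports" step above is really an inventory problem, and it is the same job a network owner does when checking what their hosts expose. The small Python script below parses nmap's greppable output format (what `nmap -oG -` prints) into a host inventory, flags open ports outside an expected baseline, and looks up a host by the hostname nmap recorded. The scan text, hostnames and the EXPECTED_PORTS baseline are constructed for the example, not the real challenge output.

```python
import re

# Constructed sample in nmap's greppable (-oG) format, modelled on the
# challenge network above; hosts, names and ports are invented.
SAMPLE_GNMAP = """\
# Nmap 4.76 scan initiated as: nmap -v -A -T5 -oG - 192.168.1.0/24
Host: 192.168.1.1 (gateway)\tStatus: Up
Host: 192.168.1.1 (gateway)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///\tIgnored State: closed (998)
Host: 192.168.1.110 (notes)\tPorts: 22/open/tcp//ssh///, 31415/open/tcp////\tIgnored State: closed (998)
Host: 192.168.1.117 (phoenix)\tPorts: 22/open/tcp//ssh///\tIgnored State: closed (999)
# Nmap done -- 256 IP addresses (3 hosts up) scanned
"""

# Ports this (hypothetical) lab network is expected to expose; anything else is worth a look.
EXPECTED_PORTS = {22, 80, 443}

# Host: <ip> (<name>)\t...Ports: <port>/<state>/<proto>/<owner>/<service>/<rpc>/<version>/, ...
HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\t(?:.*\t)?Ports:\s+(.*?)(?:\t|$)")


def parse_gnmap(text):
    """Return {ip: {"hostname": str, "open": [(port, proto, service), ...]}}."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and Status-only lines carry no port data
        ip, name, ports = m.groups()
        entry = hosts.setdefault(ip, {"hostname": name, "open": []})
        for field in ports.split(","):
            parts = field.strip().split("/")
            if len(parts) >= 5 and parts[1] == "open":
                entry["open"].append((int(parts[0]), parts[2], parts[4]))
    return hosts


def unexpected_ports(hosts, expected=EXPECTED_PORTS):
    """(ip, port, service) for every open port that is not in the expected baseline."""
    return [(ip, port, svc) for ip, h in hosts.items()
            for port, _proto, svc in h["open"] if port not in expected]


def find_host_by_name(hosts, name):
    """Case-insensitive lookup of an IP by the reverse-DNS name nmap recorded, or None."""
    for ip, h in hosts.items():
        if h["hostname"].lower() == name.lower():
            return ip
    return None


if __name__ == "__main__":
    inventory = parse_gnmap(SAMPLE_GNMAP)
    for ip, port, svc in unexpected_ports(inventory):
        print(f"{ip}: unexpected open port {port} ({svc or 'unknown service'})")
    print("phoenix ->", find_host_by_name(inventory, "Phoenix"))
```

An empty service field (as on 31415 in the sample) means nmap had no name for the port, which is exactly the kind of entry that deserves a closer look in a real inventory review.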

1 comment:

americaskate said...

Thanks a lot for this write up man.